ea2c5a20f93514cd0a1bc10a75d939e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea2c5a20f93514cd0a1bc10a75d939e1_JaffaCakes118
Size

1.6MB
MD5

ea2c5a20f93514cd0a1bc10a75d939e1
SHA1

d4038028a280778d5b08940d9bc385d1a663021c
SHA256

590f1604a083abd8555d0a3db213b243574cf1c814b039d3a85c01bcc9f4247a
SHA512

84b83faa8917550845683d34db91d15aebf6a1eacddaee0e4db31e3432809513153335b36b3510e283b67e36a905a7eed3420651aedc780cab3ffeb8afc2c11a
SSDEEP

24576:1twcAzU3cAWhsMSQIW14c8AQZHBwvNoCaTt+4my4rHxm5sSl6YkbyvT:/wcCAcCQILBAQqvNoRTtsrHyybyv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea2c5a20f93514cd0a1bc10a75d939e1_JaffaCakes118

Files

ea2c5a20f93514cd0a1bc10a75d939e1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3f6f2a4a798382088a33e1ff64ca8850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname

winmm

mciSendStringW

version

GetFileVersionInfoW

comctl32

ImageList_Destroy

psapi

GetModuleBaseNameW

wininet

InternetOpenUrlW

kernel32

GetVersionExW
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

CheckMenuItem

gdi32

SelectObject

comdlg32

GetOpenFileNameW

advapi32

AdjustTokenPrivileges

shell32

SHGetMalloc

ole32

CLSIDFromString

oleaut32

SafeArrayUnlock

Sections

.zd3NKYw
Size: - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GImryVA
Size: - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.N2Y01oA
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cctv0
Size: - Virtual size: 845KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wcDAdfr
Size: - Virtual size: 520B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cctv1
Size: - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cctv2
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sffbgAR
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f6f2a4a798382088a33e1ff64ca8850

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.zd3NKYw Size: - Virtual size: 636KB

.GImryVA Size: - Virtual size: 142KB

.N2Y01oA Size: - Virtual size: 35KB

.cctv0 Size: - Virtual size: 845KB

.wcDAdfr Size: - Virtual size: 520B

.cctv1 Size: - Virtual size: 716KB

.cctv2 Size: 1.5MB - Virtual size: 1.5MB

.sffbgAR Size: 174KB - Virtual size: 173KB

.zd3NKYw
Size: - Virtual size: 636KB

.GImryVA
Size: - Virtual size: 142KB

.N2Y01oA
Size: - Virtual size: 35KB

.cctv0
Size: - Virtual size: 845KB

.wcDAdfr
Size: - Virtual size: 520B

.cctv1
Size: - Virtual size: 716KB

.cctv2
Size: 1.5MB - Virtual size: 1.5MB

.sffbgAR
Size: 174KB - Virtual size: 173KB